From: David Bauer <mail@david-bauer.net>
To: hostap@lists.infradead.org
Cc: =?utf-8?q?=C3=89tienne_Morice?= <neon.emorice@mail.com>
Subject: [PATCH] nl80211: add extra-ies only if allowed by driver
Date: Sun, 30 Jan 2022 20:22:00 +0100
Message-Id: <20220130192200.10883-1-mail@david-bauer.net>
List-Id: <hostap.lists.infradead.org>

Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.

The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.

Reported-by: Étienne Morice <neon.emorice@mail.com>
Tested-by: Étienne Morice <neon.emorice@mail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
---
 src/drivers/driver.h              | 3 +++
 src/drivers/driver_nl80211_capa.c | 4 ++++
 src/drivers/driver_nl80211_scan.c | 2 +-
 3 files changed, 8 insertions(+), 1 deletion(-)

--- a/src/drivers/driver.h
+++ b/src/drivers/driver.h
@@ -2283,6 +2283,9 @@ struct wpa_driver_capa {
 	/** Maximum number of iterations in a single scan plan */
 	u32 max_sched_scan_plan_iterations;
 
+	/** Maximum number of extra IE bytes for scans */
+	u16 max_scan_ie_len;
+
 	/** Whether sched_scan (offloaded scanning) is supported */
 	int sched_scan_supported;
 
--- a/src/drivers/driver_nl80211_capa.c
+++ b/src/drivers/driver_nl80211_capa.c
@@ -949,6 +949,10 @@ static int wiphy_info_handler(struct nl_
 			nla_get_u32(tb[NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS]);
 	}
 
+	if (tb[NL80211_ATTR_MAX_SCAN_IE_LEN])
+		capa->max_scan_ie_len =
+			nla_get_u16(tb[NL80211_ATTR_MAX_SCAN_IE_LEN]);
+
 	if (tb[NL80211_ATTR_MAX_MATCH_SETS])
 		capa->max_match_sets =
 			nla_get_u8(tb[NL80211_ATTR_MAX_MATCH_SETS]);
--- a/src/drivers/driver_nl80211_scan.c
+++ b/src/drivers/driver_nl80211_scan.c
@@ -222,7 +222,7 @@ nl80211_scan_common(struct i802_bss *bss
 		wpa_printf(MSG_DEBUG, "nl80211: Passive scan requested");
 	}
 
-	if (params->extra_ies) {
+	if (params->extra_ies && drv->capa.max_scan_ie_len >= params->extra_ies_len) {
 		wpa_hexdump(MSG_MSGDUMP, "nl80211: Scan extra IEs",
 			    params->extra_ies, params->extra_ies_len);
 		if (nla_put(msg, NL80211_ATTR_IE, params->extra_ies_len,
